CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0911 – Indent: heap-based buffer overflow in set_buf_break()
https://notcve.org/view.php?id=CVE-2024-0911
06 Feb 2024 — A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash. Se encontró una falla en Indent. Este problema puede permitir que un usuario local utilice un archivo especialmente manipulado para desencadenar un desbordamiento de búfer de almacenamiento dinámico, lo que puede provocar un bloqueo de la aplicación. • https://access.redhat.com/security/cve/CVE-2024-0911 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2024-0684 – Coreutils: heap overflow in split --line-bytes with very long lines
https://notcve.org/view.php?id=CVE-2024-0684
06 Feb 2024 — A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. Se encontró una falla en el programa "split" de GNU coreutils. Podría producirse un desbordamiento de almacenamiento dinámico con datos controlados por el usuario de varios cientos de bytes de longitud en la función line_bytes_split(), lo que podría provocar un bl... • https://github.com/Valentin-Metz/writeup_split • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2023-7216 – Cpio: extraction allows symlinks which enables remote command execution
https://notcve.org/view.php?id=CVE-2023-7216
05 Feb 2024 — A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks. Se encontró una vulnerabilidad de path traversal en la utilidad CPIO. Este problema podría permitir que un atacante remoto no autenticado engañe a un usuario ... • https://access.redhat.com/security/cve/CVE-2023-7216 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.4EPSS: 4%CPEs: 3EXPL: 9CVE-2023-6246 – Glibc: heap-based buffer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6246
31 Jan 2024 — A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer. Se encontró un desbordamiento de búfer en la región Heap de la memor... • https://packetstorm.news/files/id/176932 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 1%CPEs: 3EXPL: 4CVE-2023-6779 – Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6779
31 Jan 2024 — An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer. Se encontró un desbordamiento de búfer en la región Heap de la memoria de off-by-one en la función... • https://packetstorm.news/files/id/176932 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 4CVE-2023-6780 – Glibc: integer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6780
31 Jan 2024 — An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. Se encontró un desbordamiento de enteros en la función __vsyslog_internal de la liibrería glibc. • https://packetstorm.news/files/id/176932 • CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 1CVE-2024-0553 – Gnutls: incomplete fix for cve-2023-5981
https://notcve.org/view.php?id=CVE-2024-0553
16 Jan 2024 — A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981. Se encontró una vulnerabilidad en GnuTLS. • http://www.openwall.com/lists/oss-security/2024/01/19/3 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2024-0567 – Gnutls: rejects certificate chain with distributed trust
https://notcve.org/view.php?id=CVE-2024-0567
16 Jan 2024 — A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack. Se encontró una vulnerabilidad en GnuTLS, donde una cabina (que usa gnuTLS) rechaza una cadena de certificados con confianza distribuida. Este problema ocurre al validar una cadena de certificados ... • http://www.openwall.com/lists/oss-security/2024/01/19/3 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4001 – Grub2: bypass the grub password protection feature
https://notcve.org/view.php?id=CVE-2023-4001
15 Jan 2024 — An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID (the same as in the "/boot/" file system) can bypass the GRUB password protection feature on UEFI systems, which enumerate removable drives before non-removable ones. This issue was in... • http://www.openwall.com/lists/oss-security/2024/01/15/3 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26157
https://notcve.org/view.php?id=CVE-2023-26157
02 Jan 2024 — Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. Las versiones del paquete libredwg anteriores a 0.12.5.6384 son vulnerables a la Denegación de Servicio (DoS) debido a una lectura fuera de los límites que involucra section->num_pages en decode_r2007.c. • https://github.com/LibreDWG/libredwg/commit/c8cf03ce4c2315b146caf582ea061c0460193bcc • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •